package com.aabte.permissionframeworklearn.springsecuritydemo;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.security.access.prepost.PostAuthorize;
import org.springframework.security.access.prepost.PostFilter;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.access.prepost.PreFilter;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.core.userdetails.User;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.ArrayList;
import java.util.List;

/**
 * @author Daniel
 */
@RestController
@SpringBootApplication
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SpringSecurityDemoApplication {

    public static void main(String[] args) {
        SpringApplication.run(SpringSecurityDemoApplication.class, args);
    }

    @GetMapping
    public String hello() {
        return "hello world!";
    }

    @GetMapping(value = "/hello")
    public String hello2() {
        return "hello security!";
    }

    @PreAuthorize(value = "hasRole('ROLE_ADMIN') or hasRole('ROLE_USER')")
    @GetMapping("/roleAuth")
    public String role() {
        return "admin auth";
    }

    @PreAuthorize(value = "#id<10 " +
            "or principal.equals(#username) " +
            "and #user.username.equals('abc')")
    @PostAuthorize("returnObject%2==0")
    public Long test1(Long id, String username, User user) {
        return 1L;
    }

    @PreFilter("filterObject%2 == 0")
    @PostFilter("filterObject%4 == 0")
    public List<Long> test2(List<Long> ids) {
        return new ArrayList<>();
    }
}
